Many organizations keep their own password policies accordingly. When we provide the software solutions for this kind of companies we have to inherit the company password policy throughout the application. In identity server we have the facility to maintain the standard password policy in Startup. cs file as below you can control limited attributes using this function. But when it comes to a large scale to maintain the password policy we can use the below steps. Add PasswordPolicyHandlerService class in startup.cs file. In the PasswordPolicyHandlerService file inside the ValidateAsync method, you can customize your password policy as you prefer. But make sure to pass the relevant users to the method. Here I have used ApplicationUser. Thanks, Happy coding ๐
I was struggling to get refresh token along with the access token with user credential(username and password) while accessing the IdentityServer 4.Finally I could generate the successful response as a result of my hard work. If you need refresh token from the identityserver 4 you must set the below configurations to the Memory clients which are using in the application. I know some of you have the doubt about Memory clients๐ you are using memory client class in ConfigureServices method in the start up file as below screenshot. in there you have to set AllowedScopes to IdentityServerConstants.StandardScopes.OfflineAccess as below. Now you are finish with the configuration and you can try this using Postman(this could be your choice ๐) as below. Once you have the refresh token in you hand it is very easy to get access token instead of set session timeout therefore user won't feel inconvenience while using the application and fin...